If you happen to be getting a lot of reports that messages seem to be undelivered or delivered to people's spam folder, you can add a layer of validation to your DNS settings.
Spf Record
Depending on your hosting service, you can request that they add a SPF setting to allow mail to be sent from our email servers on your behalf by setting a TXT record that looks like the following.
v=spf1 a mx ip4:208.75.64.82 ~all
Most likely you will have your own included value as well, for the current setup like the following for GSuite users.
v=spf1 include:_spf.google.com ip4:208.75.64.82 ~all
Example GoDaddy Setting:
For more details see these following reference articles.
https://www.dmarcanalyzer.com/spf/how-to-create-an-spf-txt-record/
https://www.digitalocean.com/community/questions/add-two-ip-addresses-to-an-spf-record
MX Record
Create an MX record for your subdomain (e.g. "shop") so that when mail is checked from the sender, your customers' mail client can verify the sender of the email.
Few people realize this, but technically, email is very dumb. You can literally send email from anyone. Settings like this make sure the sender matches the ability to send from that domain. This helps prevent phishing hacks and emails from places that would not normally send out requests for you to login to something.
For Type you would select "MX".
For name you would want to give the first part of your sub domain like "shop" if you are "shop.redcoyoterunning.com".
Set the priority to something low because it will not be accepting email messages. "100" should be fine.
The value should be the actual email server name which, in our case, is a service provided by "host292.bluetowerhosting.com".
The TTL should be the lowest possible as it is important to make this go live as soon as possible.
DMARC Record
Creating a dmarc record is one of the easiest settings that allows you to specify that you have either dkim or spf validation, so be sure to setup one of those two before setting this record.
Simply create a TXT record with your DNS provider, use _dmarc.shop as the Name value and "v=DMARC1; p=none" as the Value. Set the TTL to the lowest possible to make sure it goes live ASAP.
DKIM Signing
The most complex and probably the most valuable setting one can make is to add a dkim signing record to their DNS and have Run Free install it on their email server.
First go to this url to generate your certificates.
You will be presented with a screen where you need to enter a couple of values.
Enter "dkim" for "Selector" and your web domain that you use with Run Free for the domain: normally in the form "shop.yourwebsite.com" like "shop.runfreeproject.com".
Leave Key Length at "1024" and click "Generate DKIM Record".
The following will be displayed.
Send the Private Key on the left from ---- BEGIN to the ----- END line to support@runfreeproject.com , paste it into the chat window, or set it in the "DKIM Signature" field in your "Settings" > "Integrations" > "EMail" tab. Be sure to click "Save" then you can run a test to see if they are working.
Then you will need to setup the public key in your DNS. The site will have instructions that look like the following.
Take that record and set a TXT record in your DNS provider. If you are unsure of what this means, contact your web hosting company and they can help you.
An example of what that would look like in GoDaddy when you go to set it would look like the following.
Example Name: dkim._domainkey.shop
Make sure to save both your public and private keys somewhere safe, as you may need them in the future.